Skip to Content
TS-RDC-07 Trust & Stewardship Risk, Data & Compliance CORE Compliance v2.9.7

On-site security governance

Evaluates the framework for managing physical security risks, fulfilling the Amānah to protect life (Ḥifẓ al‑Nafs) and property. This proactive governance builds stakeholder confidence, ensures operational resilience, and safeguards all individuals and assets within the organization's premises. Scope includes all premises under the charity’s control (including entrances/exits, prayer halls, classrooms, offices, car parks, storage rooms, and any on-site events/peak services), and interfaces with safeguarding, H&S, and data protection (CCTV/access logs).

Compliance 9
  • Documented physical security policy and plan
    Documentation Essential
  • RACI/role-map for security governance (Security Lead, Fire Responsible Person, etc.)
    Governance Essential
  • Regular security risk assessments (CTSA/Protect Duty monitoring)
    Monitoring Essential
  • Documented security incident management procedure (reporting, investigation, learning)
    Process Essential
  • Mandatory induction + annual refresher training; role-based steward training
    Training Essential
  • Annual live fire evacuation and invacuation/lockdown drills with pre-brief/debrief
    Training Essential
  • CCTV/access control governance (GDPR/DPIA/Signage)
    Compliance Essential
  • Crowded place/peak service security plan (queueing, screening, HVM)
    Process Essential
  • Contractor control (SIA/Asbestos) and key/card lifecycle controls
    Process Essential
Good 2
  • Staff training includes response procedures
    Excellence High
  • Integrated with the overall risk management framework
    Leadership High
Better 1
  • Regular and varied security drills (e.g., lockdown, bomb threat)
    Continuous Improvement High
Best 2
  • External security assessment by accredited experts
    Excellence High
  • Strong coordination with local law enforcement (Ta‘āwun)
    Collaboration High

Related Criteria

TS-RDC-01 Multi‑scenario financial stress‑testing documented TS-RDC-02 Complaints & whistle-blowing mechanism TS-RDC-03 Due-diligence on delivery partners TS-RDC-04 Serious-incident reporting & escalation TS-RDC-05 Cyber-security baseline (NCSC Cyber Essentials – UK)
Version
2.9.7 2025-11-05

Discussion (1)

Administrator 2026-03-07 11:07:51.977657

📋 **Version updated: 1.0.0 → 2.9.7** **Changes:** Updated islamic_references from mizan-297.json

Sign in to post a comment.

Back to Criteria